The Bluecoat reporter software used the the cs-auth-group field on the access logs to identify who is in what group. This field captures a single group that an authenticated user belongs to. The ProxySG will only log "groups of interest", which basically correspond to group names that are explicitly matched against in policy. If there is no policy trigger referring to a particular group name in policy, the ProxySG won't try to figure out if the user is a member of any group, thus prevcenting users from loging in.
If a user belongs to multiple groups, the group logged is determined by the Group Log Order configuration specified in VPM. If the Group Log Order is not specified, an arbitrary group is logged. The steps to set the ‘group log order’ on the ProxySG VPM are as below.
To create the group log order list:
1. Select Configuration > Set Group Log Order; the Set Group Log Order dialog appears.
2. Click Add; the Add Group Object dialog appears.
3. In the Group Name field, enter the name of a group. The group must be already configured on the ProxySG.
4. From the Authentication Realm drop-down list, select a realm.
5. Click OK.
6. Repeat as required to add more groups.
7. To order the list, select a group and click Move Up or Move Down until you achieve the desired order.
8. Click OK.
Other Reporter LDAP articles of interest:
For details on how to setup Reporter to use LDAP as it's authentication realm, see 000013348
For details on what fields your main access log should contain, see 000021974
For details on how to send your access logs to Reporter, see 000008692